Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0fab819a by Moritz Muehlenhoff at 2025-07-02T10:38:16+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2025-6459 (The Ads Pro Plugin - Multi-Purpose WordPress
Advertising Manager
CVE-2025-6437 (The Ads Pro Plugin - Multi-Purpose WordPress Advertising
Manager plugi ...)
NOT-FOR-US: WordPress plugin
CVE-2025-6017 (A flaw was found in Red Hat Advanced Cluster Management through
versio ...)
- TODO: check
+ NOT-FOR-US: Red Hat Advanced Cluster Management
CVE-2025-5817 (The Amazon Products to WooCommerce plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2025-5746 (The Drag and Drop Multiple File Upload (Pro) - WooCommerce
plugin for ...)
@@ -23,13 +23,13 @@ CVE-2025-5339 (The Ads Pro Plugin - Multi-Purpose WordPress
Advertising Manager
CVE-2025-5014 (The Home Villas | Real Estate WordPress Theme theme for
WordPress is v ...)
NOT-FOR-US: WordPress plugin
CVE-2025-52925 (In One Identity OneLogin Active Directory Connector before
6.1.5, encr ...)
- TODO: check
+ NOT-FOR-US: OneLogin Active Directory Connector
CVE-2025-52463 (Cross-site request forgery vulnerability exists in Active!
mail 6 Buil ...)
- TODO: check
+ NOT-FOR-US: Active! mail
CVE-2025-52462 (Cross-site scripting vulnerability exists in Active! mail 6
BuildInfo: ...)
- TODO: check
+ NOT-FOR-US: Active! mail
CVE-2025-52101 (linjiashop <=0.9 is vulnerable to Incorrect Access Control.
When using ...)
- TODO: check
+ NOT-FOR-US: linjiashop
CVE-2025-4689 (The Ads Pro Plugin - Multi-Purpose WordPress Advertising
Manager plugi ...)
NOT-FOR-US: WordPress plugin
CVE-2025-4654 (The Soumettre.fr plugin for WordPress is vulnerable to
unauthorized ac ...)
@@ -144,9 +144,9 @@ CVE-2025-45080 (YONO SBI: Banking & Lifestyle v1.23.36 was
discovered to use une
CVE-2025-45006 (Improper mstatus.SUM bit retention (non-zero) in Open-Source
RISC-V Pr ...)
TODO: check
CVE-2025-41656 (An unauthenticated remote attacker can run arbitrary commands
on the a ...)
- TODO: check
+ NOT-FOR-US: IndustrialPI
CVE-2025-41648 (An unauthenticated remote attacker can bypass the login to the
web app ...)
- TODO: check
+ NOT-FOR-US: IndustrialPI
CVE-2025-37099 (A remote code execution vulnerability exists in HPE Insight
Remote Sup ...)
NOT-FOR-US: HPE
CVE-2025-37098 (A path traversal vulnerability exists in HPE Insight Remote
Support (I ...)
@@ -164,11 +164,11 @@ CVE-2025-34066 (An improper certificate validation
vulnerability exists in AVTEC
CVE-2025-34065 (An authentication bypass vulnerability exists in AVTECH IP
camera, DVR ...)
NOT-FOR-US: AVTECH
CVE-2025-34064 (A cloud infrastructure misconfiguration in OneLogin AD
Connector resul ...)
- TODO: check
+ NOT-FOR-US: OneLogin Active Directory Connector
CVE-2025-34063 (A cryptographic authentication bypass vulnerability exists in
OneLogin ...)
- TODO: check
+ NOT-FOR-US: OneLogin Active Directory Connector
CVE-2025-34062 (An information disclosure vulnerability exists in OneLogin AD
Connecto ...)
- TODO: check
+ NOT-FOR-US: OneLogin Active Directory Connector
CVE-2025-34060 (A PHP objection injection vulnerability exists in the Monero
Project\u ...)
TODO: check
CVE-2025-34059 (An SQL injection vulnerability exists in the Dahua Smart Cloud
Gateway ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fab819a52da7166b3cae7adb642a1434a3447d9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fab819a52da7166b3cae7adb642a1434a3447d9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
